package com.miniprogram.api.iterceptor;

import com.miniprogram.api.service.ICustomerUserTokenService;
import com.miniprogram.bean.po.CustomerUserToken;
import com.miniprogram.common.annotation.Login;
import com.miniprogram.common.annotation.LoginNoMust;
import com.miniprogram.common.enums.RestStatusEnum;
import com.miniprogram.common.utils.Shift;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 权限(Token)验证
 *
 * @author lin
 */
//@SuppressWarnings("ALL")
@Component
public class AuthorizationInterceptor implements HandlerInterceptor {
    @Autowired
    private ICustomerUserTokenService tokenService;

    public static final String USER_KEY = "userId";

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        Login loginAnnotaion;
        LoginNoMust loginNoMustAnnotaion;
        if (handler instanceof HandlerMethod) {
            loginAnnotaion = ((HandlerMethod) handler).getMethodAnnotation(Login.class);
            loginNoMustAnnotaion = ((HandlerMethod) handler).getMethodAnnotation(LoginNoMust.class);
        } else {
            return true;
        }

        if (loginAnnotaion != null) {
            //从header中获取token
            String token = request.getHeader("token");
            //如果header中不存在token，则从参数中获取token
            if (StringUtils.isBlank(token)) {
                token = request.getParameter("token");
            }

            //token为空
            if (StringUtils.isBlank(token)) {
                Shift.fatal(RestStatusEnum.UNAUTHORIZED);
            }

            //查询token信息
            CustomerUserToken tokenEntity = tokenService.getByToken(token);
            if (tokenEntity == null || tokenEntity.getExpireTime().getTime() < System.currentTimeMillis()) {
                Shift.fatal(RestStatusEnum.UNAUTHORIZED);
            }

            //设置userId到request里，后续根据userId，获取用户信息
            request.setAttribute(USER_KEY, tokenEntity.getUserId());
            return true;
        }

        if (loginNoMustAnnotaion != null) {
            //从header中获取token
            String token = request.getHeader("token");
            //如果header中不存在token，则从参数中获取token
            if (StringUtils.isBlank(token)) {
                token = request.getParameter("token");
            }

            //token为空
            if (StringUtils.isBlank(token)) {
                return true;
            }

            //查询token信息
            CustomerUserToken tokenEntity = tokenService.getByToken(token);
            if (tokenEntity == null || tokenEntity.getExpireTime().getTime() < System.currentTimeMillis()) {
                return true;
            }

            //设置userId到request里，后续根据userId，获取用户信息
            request.setAttribute(USER_KEY, tokenEntity.getUserId());
            return true;
        }

        return true;
    }
}
